package com.huike.pmps.utils;

import org.springframework.security.access.AuthorizationServiceException;
import org.springframework.security.oauth2.common.OAuth2AccessToken;

import javax.servlet.http.HttpServletRequest;

/**
 * 作者：谌贵斌(黑桃K)
 * 日期: 2888-08-08
 * 老师QQ: 272488352
 * 官方QQ交流群: 377748272
 * 刀客程序员官网：http://www.daoke360.com
 * 刀客程序员淘宝旗舰店：https://daoke360.taobao.com/
 */
public class TokenUtil {

    public static String getToken(HttpServletRequest request) {
        //从请求头中获取token
        String token = request.getHeader("Authorization");
        if (token != null && (token.toLowerCase().startsWith(OAuth2AccessToken.BEARER_TYPE.toLowerCase()))) {
            token = token.substring(OAuth2AccessToken.BEARER_TYPE.length()).trim();
        } else {
            //从请求参数中获取
            token = request.getParameter(OAuth2AccessToken.ACCESS_TOKEN);
        }
        if (token == null&&request.getRequestURL().toString().contains("export"))
            throw new AuthorizationServiceException("客户端未携带token进行非法访问,此访问被限制！");
        return token;
    }
}
